Microsoft Excel 信息泄露漏洞

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. An information leakage vulnerability exists in Microsoft Excel, which is caused due to improper authorization validation. An attacker could exploit the vulnerability to obtain sensitive information...

surf is unmaintained

The developer has indicated that the crate is unmaintained. The last release is over three years old from 2021, the crate depends on the deprecated async-std crate and on a very old version of rustls for TLS support. Possible alternatives - reqwest - ureq...

CVE-2023-6078

An OS Command Injection vulnerability exists in BIOVIA Materials Studio products from Release BIOVIA 2021 through Release BIOVIA 2023. Upload of a specially crafted perl script can lead to arbitrary command execution...

Command injection

An OS Command Injection vulnerability exists in BIOVIA Materials Studio products from Release BIOVIA 2021 through Release BIOVIA 2023. Upload of a specially crafted perl script can lead to arbitrary command execution...

CVE-2023-2763

Use-After-Free, Out-of-bounds Write and Heap-based Buffer Overflow vulnerabilities exist in the DWG and DXF file reading procedure in SOLIDWORKS Desktop from Release SOLIDWORKS 2021 through Release SOLIDWORKS 2023. These vulnerabilities could allow an attacker to execute arbitrary code while...

PT-2021-16709 · Cplc · Cplc

Name of the Vulnerable Software and Affected Versions: CPLC versions prior to SMR Dec-2021 Release 1 Description: The issue is related to improper access control, allowing local attackers to access CPLC information without permission. Recommendations: For versions prior to SMR Dec-2021 Release 1,...

Siemens Solid Edge 资源管理错误漏洞

Solid Edge is a 3D CAD, parametric feature and synchronous technology solid modeling software. A post-release reuse vulnerability exists in Siemens Solid Edge versions prior to SE2021MP8 when parsing OBJ files. An attacker can exploit the vulnerability to execute code in the context of the curren...

Siemens Solid Edge 资源管理错误漏洞

Solid Edge is a 3D CAD, parametric feature and synchronous technology solid modeling software. versions prior to Siemens Solid Edge SE2021MP8 contain a post-release reuse vulnerability when parsing OBJ files. An attacker could exploit this vulnerability to execute code in the context of the curre...

CVE-2021-21362

MinIO is an open-source high performance object storage service and it is API compatible with Amazon S3 cloud storage service. In MinIO before version RELEASE.2021-03-04T00-53-13Z it is possible to bypass a readOnly policy by creating a temporary 'mc share upload' URL. Everyone is impacted who us...

MinIO 授权问题漏洞

MinIO is an open source object storage server from US-based MinIO. The product supports building infrastructures for machine learning, analytics and application data workloads. An authorization issue vulnerability previously existed in the MinIO RELEASE.2021-03-04T00-53-13Z version that allowed...